What is the severity of cisco-sa-ftd-tls-bb-rCgtmY2?

The severity of cisco-sa-ftd-tls-bb-rCgtmY2 is considered critical due to the potential for unauthorized access to sensitive information.

How do I fix cisco-sa-ftd-tls-bb-rCgtmY2?

To fix cisco-sa-ftd-tls-bb-rCgtmY2, apply the recommended updates provided by Cisco for Firepower Threat Defense Software.

What causes the vulnerability cisco-sa-ftd-tls-bb-rCgtmY2?

The vulnerability cisco-sa-ftd-tls-bb-rCgtmY2 is caused by improper implementation of countermeasures against a Bleichenbacher attack.

Who is affected by cisco-sa-ftd-tls-bb-rCgtmY2?

Organizations using Cisco Firepower Threat Defense Software are affected by cisco-sa-ftd-tls-bb-rCgtmY2.

Can cisco-sa-ftd-tls-bb-rCgtmY2 be exploited remotely?

Yes, cisco-sa-ftd-tls-bb-rCgtmY2 can be exploited by an unauthenticated, remote attacker.

Vulnerability/
cisco-sa-ftd-tls-bb-rCgtmY2

medium

5.3

9/11/2022

cisco-sa-ftd-tls-bb-rCgtmY2: Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability

First published: Wed Nov 09 2022(Updated: )

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2 This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: November 2022 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Credit: This vulnerability was found during the resolution a Cisco TAC support case

Affected Software	Affected Version	How to fix
Cisco Firepower Management Center (FMC) and Firepower Threat Defense (FTD) Software

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2 (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2022-20940

Frequently Asked Questions

What is the severity of cisco-sa-ftd-tls-bb-rCgtmY2?
The severity of cisco-sa-ftd-tls-bb-rCgtmY2 is considered critical due to the potential for unauthorized access to sensitive information.
How do I fix cisco-sa-ftd-tls-bb-rCgtmY2?
To fix cisco-sa-ftd-tls-bb-rCgtmY2, apply the recommended updates provided by Cisco for Firepower Threat Defense Software.
What causes the vulnerability cisco-sa-ftd-tls-bb-rCgtmY2?
The vulnerability cisco-sa-ftd-tls-bb-rCgtmY2 is caused by improper implementation of countermeasures against a Bleichenbacher attack.
Who is affected by cisco-sa-ftd-tls-bb-rCgtmY2?
Organizations using Cisco Firepower Threat Defense Software are affected by cisco-sa-ftd-tls-bb-rCgtmY2.
Can cisco-sa-ftd-tls-bb-rCgtmY2 be exploited remotely?
Yes, cisco-sa-ftd-tls-bb-rCgtmY2 can be exploited by an unauthenticated, remote attacker.

collector/cisco-advisory
agent/event
agent/type
agent/last-modified-date
agent/first-publish-date
agent/author
agent/severity
agent/references
agent/title
agent/description
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco firepower management center (fmc) and firepower threat defense (ftd) software

Frequently Asked Questions

What is the severity of cisco-sa-ftd-tls-bb-rCgtmY2?
The severity of cisco-sa-ftd-tls-bb-rCgtmY2 is considered critical due to the potential for unauthorized access to sensitive information.
How do I fix cisco-sa-ftd-tls-bb-rCgtmY2?
To fix cisco-sa-ftd-tls-bb-rCgtmY2, apply the recommended updates provided by Cisco for Firepower Threat Defense Software.
What causes the vulnerability cisco-sa-ftd-tls-bb-rCgtmY2?
The vulnerability cisco-sa-ftd-tls-bb-rCgtmY2 is caused by improper implementation of countermeasures against a Bleichenbacher attack.
Who is affected by cisco-sa-ftd-tls-bb-rCgtmY2?
Organizations using Cisco Firepower Threat Defense Software are affected by cisco-sa-ftd-tls-bb-rCgtmY2.
Can cisco-sa-ftd-tls-bb-rCgtmY2 be exploited remotely?
Yes, cisco-sa-ftd-tls-bb-rCgtmY2 can be exploited by an unauthenticated, remote attacker.

cisco-sa-ftd-tls-bb-rCgtmY2: Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

Frequently Asked Questions

What is the severity of cisco-sa-ftd-tls-bb-rCgtmY2?

How do I fix cisco-sa-ftd-tls-bb-rCgtmY2?

What causes the vulnerability cisco-sa-ftd-tls-bb-rCgtmY2?

Who is affected by cisco-sa-ftd-tls-bb-rCgtmY2?

Can cisco-sa-ftd-tls-bb-rCgtmY2 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of cisco-sa-ftd-tls-bb-rCgtmY2?

How do I fix cisco-sa-ftd-tls-bb-rCgtmY2?

What causes the vulnerability cisco-sa-ftd-tls-bb-rCgtmY2?

Who is affected by cisco-sa-ftd-tls-bb-rCgtmY2?

Can cisco-sa-ftd-tls-bb-rCgtmY2 be exploited remotely?